<?php
//connect to mysql database
require("config.php");
//start session
session_start();

 //This code runs if the form has been submitted
 if (isset($_POST['submit'])) { 

 //This makes sure they did not leave any fields blank
 if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] | !$_POST['addr'] | !$_POST['fname'] | !$_POST['lname'] | !$_POST['email']) {
		
 		die('You did not complete all of the required fields. <a href="javascript: history.go(-1)"> Go Back. </a>');
 	}
 // checks if the username is in use
 	if (!get_magic_quotes_gpc()) {
 		$_POST['username'] = addslashes($_POST['username']);
 	}

 $usercheck = $_POST['username'];
 $check = mysql_query("SELECT u_name FROM customers WHERE u_name = '$usercheck'");
 $check2 = mysql_num_rows($check);

 //if the name exists it gives an error
 if ($check2 != 0) {
 		die('Sorry, the username '.$_POST['username'].' is already in use. <a href="javascript: history.go(-1)"> Go Back. </a>');
 }
 // this makes sure both passwords entered match
 	if ($_POST['pass'] != $_POST['pass2']) {
 		die('Your passwords did not match. <a href="javascript: history.go(-1)"> Go Back. </a>');
	}
			
 	// encrypt the password and add slashes if needed
 	$_POST['pass'] = md5($_POST['pass']);
 	if (!get_magic_quotes_gpc()) {
 		$_POST['pass'] = addslashes($_POST['pass']);
 		$_POST['username'] = addslashes($_POST['username']);
 	}

 // insert customer info into the database

 	$insert = "INSERT INTO customers (u_name, password, f_name, l_name, address, email, date_registered)
 			VALUES ('".$_POST['username']."', '".$_POST['pass']."', '".$_POST['fname']."', '".$_POST['lname']."', '".$_POST['addr']."', '".$_POST['email']."', now())";
 	$add_member = mysql_query($insert);
 	?>
	<script language="javascript">
	if(window.confirm("Registered. You may now log in.")) {
		document.location = "../customer_login.php";
	} else {
		document.location="../register.php";	
	}
	</script>
 <?php 
 } 
 ?>